{"id":38859,"date":"2018-04-11T10:57:07","date_gmt":"2018-04-11T15:57:07","guid":{"rendered":"http:\/\/webirix.com\/?p=38859"},"modified":"2018-04-12T10:52:25","modified_gmt":"2018-04-12T15:52:25","slug":"que-es-email-phishing","status":"publish","type":"post","link":"https:\/\/webirix.com\/en\/que-es-email-phishing\/","title":{"rendered":"What is Email Phishing?"},"content":{"rendered":"<p class=\"small-p\">Phishing occurs when a third party, usually a malicious hacker or website, uses a company&#039;s brand identity to deceive a user into exposing private information.<\/p>\n<p class=\"small-p\">There are two types of email phishing:<\/p>\n<ol class=\"small-p\">\n<li>Phishing messages arriving\u00a0<strong><em>to you<\/em><\/strong><\/li>\n<li>Phishing messages that come\u00a0<strong><em>from you<\/em><\/strong><\/li>\n<\/ol>\n<p class=\"small-p\">Phishing emails take advantage of legitimate business brands to implant malware via an attachment or download, or to obtain login credentials. Phishing remains the primary method of obtaining credentials for attacks. You must know how to protect yourself, your users, and your business against phishing.<\/p>\n<hr \/>\n<h3 class=\"text-color-orange\">Identification of phishing emails<\/h3>\n<p class=\"med-p\">Hackers and phishing groups are constantly changing their patterns to improve both their targeting and the effectiveness of their emails in exploiting users, but there are some common characteristics to every phishing email.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/mxtoolbox.files.wordpress.com\/2018\/01\/phishingemail.jpg\" alt=\"phishing email\" \/><\/p>\n<h2 class=\"text-color-orange\">Why should I care if phishing comes &#8220;from&#8221; my domain?<\/h2>\n<p class=\"small-p\">Put yourself in the shoes of your customers, partners and suppliers. 
If you received an email that appeared to be from one of them, but it turned out to be phishing, would you still trust them? Would that erode their brand in your mind? Would you be more likely to check their legitimate emails for errors, problems, and threats? Phishing with your domain hurts your brand, even when your customers know you are not responsible! Additionally, phishing puts the delivery of your email at risk. Increasingly, email inbox providers like Google, Yahoo! and Outlook.com look at the domain an email is coming from and what the reputation of that domain is on their systems. If your domain name has been used for phishing, then all of your emails may come under additional scrutiny. If not controlled,<\/p>\n<h3 class=\"text-color-orange\">How do I recognize phishing from my domain?<\/h3>\n<p class=\"small-p\">Occasionally, email recipients will ask you directly, &#8220;Did you send this email?&#8221;, but by then it is already too late.\u00a0Phishing emails are like cockroaches: seeing one potentially means hundreds hidden in the woodwork.\u00a0Without adopting three new(ish) technologies, you really cannot know when your domain is being used for fraud and phishing.\u00a0The technologies you need to think about are\u00a0<a href=\"http:\/\/blog.mxtoolbox.com\/2017\/02\/17\/what-is-spf\/\">SPF<\/a>,\u00a0<a href=\"http:\/\/blog.mxtoolbox.com\/2017\/02\/24\/what-is-dkim\/\">DKIM<\/a>\u00a0and\u00a0<a href=\"http:\/\/blog.mxtoolbox.com\/2017\/03\/03\/what-is-dmarc\/\">DMARC<\/a>, and they work together: SPF lets you tell the world who can send emails on your behalf, DKIM lets you digitally sign your emails, and DMARC lets you designate an email address to receive feedback on your email, among other things. 
Once you have the SPF and DKIM settings for most of your email, you can get feedback on your email through the email address on the DMARC record. Each email inbox provider (Google, Yahoo!, Outlook.com, etc.) will provide feedback on\u00a0<em>everyone<\/em>\u00a0that sent email\u00a0<em>for your domain<\/em>, legitimate and phishing, that they received. You will want to analyze this feedback to identify the IP addresses and domains that are not legitimately connected to your business.<\/p>\n<div class=\"col-xs-12 col-md-8\">\n<h3 class=\"text-color-orange\">How do I stop phishing with my domain?<\/h3>\n<p class=\"small-p\">Here again, SPF, DKIM, and DMARC are important technologies to understand. IP addresses and domains that fail to align or authenticate with SPF, DKIM, or DMARC are likely candidates for phishing scams. However, these can also be legitimate senders that are misconfigured or not included in your SPF. You will need to research each one to determine its legitimacy. Once you are sure you know who is legitimate and that they are passing SPF, DKIM, and DMARC controls, you can start informing inbox providers what to do with email that does not meet these controls. DMARC allows you to set the steps that a recipient should take with email that is failing SPF, DKIM, and DMARC checks:<\/p>\n<ul class=\"small-p\">\n<li>None - Do nothing<\/li>\n<li>Quarantine - Put this email aside and tell me you quarantined it<\/li>\n<li>Reject - Bounce the email completely<\/li>\n<\/ul>\n<p class=\"small-p\">Your DMARC record also allows you to set the percentage of traffic subject to these rules, from 0 to 100%. This level of granularity is important because it lets you control how quickly you move all of your email into a reject state. This way you can test whether legitimate email is affected without negatively impacting your business. 
Once you reach a 100% reject policy, you are filtering all phishing using your domain.<\/p>\n<\/div>\n<hr \/>\n<h4>Phishing emails leverage a strong brand<\/h4>\n<p class=\"small-p\">In the example on the right, the &#8220;From&#8221; email address used Paypal, but I have seen it with many large brands, especially in the credit card, financial, banking and insurance industries. \u00a0<em><strong>Ask yourself: do you really have an account? Is this the email address for that account? Have you done anything with the account lately?<\/strong><\/em><\/p>\n<h4>The &#8220;From&#8221; domain and the Return-Path domain will not match<\/h4>\n<p class=\"small-p\">It is relatively easy to forge a &#8220;From&#8221; address.\u00a0Email standards allow third-party email senders to send email on behalf of another domain; otherwise, inbox providers such as Google and Outlook.com, or bulk mail providers, could not send email for the business or personal domains they host.\u00a0If &#8220;From&#8221; and Return-Path do not match and the Return-Path looks random or shady, you very likely have a phishing email.\u00a0Furthermore, most companies will not use a third party to send important account information emails like the one above, but rather their own internal servers. \u00a0<em><strong>Check the Return-Path email address in the header to see if it looks legitimate.<\/strong><\/em><\/p>\n<h4>There is an attached file<\/h4>\n<p class=\"small-p\">If you have to download something that you did not ask the company for, it is likely a phishing email and may contain malware. Even PDFs or DOCs can contain malicious payloads. 
At the very least, they try to induce you to think that their fake document is valid so that they can obtain personal, private or financial data from you. \u00a0<strong><em>Do not download attachments that you have not requested.<\/em><\/strong><\/p>\n<hr \/>\n<h4>There is a sense of urgency<\/h4>\n<p class=\"small-p\">The email will ask you to &#8220;act soon&#8221; or it will cost you money.\u00a0This sense of urgency makes you react before you think. \u00a0<em><strong>Take a breath before you act on any email that looks really important.<\/strong><\/em><\/p>\n<h4>Links on the page go to a different domain<\/h4>\n<p class=\"small-p\">Often, a phishing email will include a link to a third or fourth domain or just an IP address. The goal here is to get you to click on a link without thinking, so that they can capture your information when you try to log into their fake website. Sometimes the domains even look like subdomains or related domains. \u00a0<em><strong>Always check links before clicking on them. When in doubt about any link, open a clean window, navigate to the company&#039;s website and log into your account from there to verify the problem.<\/strong><\/em><\/p>\n<h4>Quality varies<\/h4>\n<p class=\"small-p\">Some phishing emails, like the one above, look good on the surface.\u00a0For example, the logos look correct, the fonts and color scheme are appropriate, and some of the language is even taken directly from legitimate emails.\u00a0However, when you read more closely, you can see spelling mistakes, grammatical errors or other areas where it is clear that the writer was not a native English speaker.\u00a0Notice above that &#8220;DeLL&#8221; is not spelled correctly, nor is the phrase &#8220;Isn&#039;t this you?&#8221; proper English. 
\u00a0<em><strong>Take a moment to read the information presented in the email and check for grammar and spelling.<\/strong><\/em><\/p>\n<p>&nbsp;<\/p>\n<h6>BIOGRAPHY https:\/\/mxtoolbox.com\/c\/landing\/identifyingphishing?utm_source=IDPhishingEmail&amp;utm_medium=email&amp;utm_term=inlinelink&amp;utm_campaign=IDPhishingEmail<\/h6>","protected":false},"excerpt":{"rendered":"<p>Phishing occurs when a third party, usually a malicious hacker or website, uses a company&#039;s brand identity to corner a user and expose private information. There are two types of email phishing: Phishing messages coming to you Phishing messages coming from you\u2026<\/p>","protected":false},"author":25,"featured_media":38860,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2027,2150],"tags":[],"class_list":["post-38859","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-seguridad","category-temas-de-interes"],"jetpack_featured_media_url":"https:\/\/webirix.com\/wp-content\/uploads\/2018\/04\/8543.jpg","_links":{"self":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/38859","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/comments?post=38859"}],"version-history":[{"count":3,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/38859\/revisions"}],"predecessor-version":[{"id":38863,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/38859\/revisions\/38863"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/media\/38860"}],"wp:attachment":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v
2\/media?parent=38859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/categories?post=38859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/tags?post=38859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}